Summary: | <media-libs/libraw-0.20.2: Buffer overread (CVE-2020-24870) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | zlogene |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/LibRaw/LibRaw/issues/330 | ||
Whiteboard: | B3 [glsa+] | ||
Package list: | Runtime testing required: | --- |
Description
Sam James
2021-06-02 18:53:14 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1f50281d24542eec7e9336689170314d24e13e83 commit 1f50281d24542eec7e9336689170314d24e13e83 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2021-07-24 06:12:25 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2021-07-24 06:21:40 +0000 media-libs/libraw: drop 0.20.0 Bug: https://bugs.gentoo.org/793956 Signed-off-by: John Helmert III <ajak@gentoo.org> media-libs/libraw/Manifest | 1 - media-libs/libraw/libraw-0.20.0.ebuild | 62 ---------------------------------- 2 files changed, 63 deletions(-) Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. GLSA request filed. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=295e8cf0e4525d551c5cd7a97b5b356bf52dcaaa commit 295e8cf0e4525d551c5cd7a97b5b356bf52dcaaa Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-10 04:06:16 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-10 04:16:27 +0000 [ GLSA 202208-07 ] LibRaw: Stack buffer overread Bug: https://bugs.gentoo.org/793956 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202208-07.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) GLSA released, all done! |